Oops. So Charlie got a third MacBook and some cash from Tipping Point, Tipping Point got an exploit, Tipping Point sold an exploit to Apple, and three weeks to the day Apple pushed out a patch for it. Not totally good but not totally bad either. IE8 users (are there any?) are still waiting for their patch...

Forbes went on the attack against Apple already on the day after the contest, writing 'Miller applied NSA skills to exposing Apple's Swiss-cheese security'. (No one from ZD was involved in the article.) But author Andy Greenburg does point out that Apple is Charlie's platform of choice.

Comments at the Forbes article get rowdy.

'Articles like this pop up every few years', reasons 'MajorWebUser' the following day.

'The purpose is primarily sensationalised self-promotion.'

'Applying the same fears and concern for cyber security to our homes, the authors would have us armed with an array of motion sensors, heat sensors, microphones, pressure plates, laser triggers, guard dogs, and a private security team on call 24/7.'

'Talk to any cop and they'll tell you that a set of solid deadbolt locks and common sense will do the job.'

Well actually all they said (with a bit of hyperbole) was that Charlie Miller found a bug again and Apple fixed it.

'I've never seen such a breach on a Mac system', adds 'MajorWebUser'.

Well actually you did. Right here. Or in Vancouver. That's why Apple fixed it.

'The Windows Fanbois get all aflutter about this stuff, it must really hurt watching these last 9 years OS X continue without even ONE virus', posts the mysterious 'NotTellinYou' who evidently isn't planning on revealing his real identity. 'To me if a guy that knows more about security than I ever will uses a mac, I feel pretty good using one too!'

'In fact, in all the years (25) that I personally have been using, installing and supporting Macs [...] I've not seen a SINGLE instance of a Mac being infected by spyware or malware.'

Somebody with pants on fire has a nose growing longer than a telephone wire.

'To the person who thinks Charlie Miller is being deceptive I can tell you he is not', jumps in 'joe6620'. So now 'uruzone' is back.

'This guy's accomplishments have been falsely reported over and over by leaving out the one CRUCIAL bit of information that this article does its level best to gloss over: THE EXPLOITS REQUIRE USER INTERACTION. Just navigating to a website can NOT infect your Mac and install spyware through Safari. ANY process that happens at the system level REQUIRES an administrator's name and password.'